Already a subscriber? Make sure to log into your account before viewing this content. You can access your account by hitting the “login” button on the top right corner. Still unable to see the content after signing in? Make sure your card on file is up-to-date.

The Department of Justice, along with international law enforcement agencies, has carried out a coordinated operation to dismantle a ransomware group responsible for attacking hundreds of critical infrastructure targets and stealing hundreds of millions of dollars in cryptocurrency.

Getting into it: According to the DOJ, law enforcement seized four servers, nine domains, and approximately $1,091,453 in virtual currency tied to the BlackSuit ransomware group, a successor to the notorious Royal ransomware operation. BlackSuit emerged in 2023 as a rebranded continuation of the Royal ransomware group, which has been active since 2022. Since then, the groups have attacked more than 450 known victims across healthcare, education, public safety, energy, manufacturing, retail, technology, and government, collectively extorting more than $370 million in cryptocurrency at current valuations.

One notable case involved a victim paying 49.3120227 Bitcoin (worth $1,445,454.86 at the time) to decrypt critical data; a portion of those funds was later traced, laundered through virtual currency exchanges, and ultimately frozen by authorities.

While the operation dealt a significant blow to BlackSuit’s infrastructure, no arrests have been made. Officials and cybersecurity experts warn that the group’s operators still possess the skills, knowledge, and funding to rebuild under a new name.

In a statement, Attorney Jeanine Ferris Pirro said, “Whether these criminals target law enforcement, other government agencies, or private companies, my office and our law enforcement partners stand ready to go toe-to-toe with criminals and make victims whole.”

In addition to the US, the United Kingdom, Germany, Ireland, France, Canada, Ukraine, and Lithuania participated in the takedown.